Posted
by
CmdrTaco
on Thursday January 28, 2010 @11:41AM
from the can't-wait-to-see-the-ad-campaign dept.

destinyland writes "How exactly would the military fight a cyber war? In August 2009, the U.S. Air Force activated its new cyberspace combat unit, the 24th Air Force, to 'provide combat-ready forces trained and equipped to conduct sustained cyber operations.' It's commanded by former Minuteman missile and satellite-jamming specialist Major General Richard Webber. (And under his command are two wings, the 688th Information Operations Wing and the 67th Network Warfare Wing, plus a combat communications units.) Meanwhile, to counter the threat of cyber warfare, DARPA is still deploying the National Cyber Range, a test bed of networked computers to test countermeasures against 'cyberwar.' (According to one report, it provides 'a virtual network world — to be populated by mirror computers and inhabited by myriad software sim-people "replicants," and used as a firing range in which to develop the art of cyber warfare.') The Obama administration has even added a military cybersecurity coordinator to the National Security team."

That word bugs the hell out of me. It's like watching a "hacker" in the movies waving around a power glove while a graphic of a virus attacks things. And you used it 9 times in that summary. Just stop it.

I feel for you. But the other side of the coin is what name DO you give guys who are attacking or defending systems on a network? The problem is no matter what you call them, it sounds cliche. Military hackers. Cyber Warriors. Network fighters. Nerd Soldiers. None of it's good. I say we all just use 'cyber' and feel slightly guilty about it because we know it doesn't really work but don't have anything better.

No, it's more like a herd of performing elephants with diarrhea. As Hannibal showed the Romans elephants may not consider themselves a part of your army, but once you point them in the right direction they can still get the job done.

So are they now going to propose a Homeland Defense Firewall, to protect and defend american business and citizens against foreign cyber attacks? Or will they be "simply monitoring" the routers coming in and out of the country? I wouldn't be surprised. Of course, no privacy invasions, no espionage will occur over the monitoring channels. Only criminal and terrorist investigation. And even then, only with a warrant. Of course we can be assured of that. Of course you can trust the military to always defend Americans and respect American law and use of decency. Of course. We all agree on that.

Actually, I wouldn't expect that from them at all. The military has no real interest in spying on the civilian population. Perhaps the FBI, CIA, or NSA might do the stuff you were spouting off about, but the military is going to be focused on conducting electronic and cyber warfare, i.e. destroying the enemy's electronic infrastructure and protecting our military's infrastructure.

if you want to be hysterically paranoid, at least do it about the right things...

"..the FBI, CIA, or NSA does the stuff you were spouting off about.." FTFY.

It is fairly well-known that the NSA has been listening in since 9/11; even former NSA analysts have come forward to voice their concerns about listening in on the conversations of normal American citizens.

"..the FBI, CIA, or NSA does the stuff you were spouting off about.." FTFY.

It is fairly well-known that the NSA has been listening in since 9/11

The CIA/NSA has been listening in since the 70s or even the 60s -- they are not allowed to spy domestically (even if they do), but they are allowed to monitor all cross-border voice and data traffic - and they've been doing so for a long time (just google for Echelon).

Listen yes, from Non-US locations. Perfectly legal. Look up Echelon. At least (right now) the Government isn't proposing using remote spy drones to monitor the population like has been proposed in the UK.

"normal" citizens? Not hardly, only targeted calls from people who might be terrorists or helping terrorists and most of that international calls. I don't think even the NSA has the compute power to monitor every landline, cell, VOIP call in the USA. They also need good probable cause, Ahmed's call back

Actually, I wouldn't expect that from them at all. The military has no real interest in spying on the civilian population. Perhaps the FBI, CIA, or NSA might do the stuff you were spouting off about, but the military is going to be focused on conducting electronic and cyber warfare, i.e. destroying the enemy's electronic infrastructure and protecting our military's infrastructure.

if you want to be hysterically paranoid, at least do it about the right things...

You're calling someone paranoid by because they aren't correctly identifying which part of the government is spying on them illegally? That's a new one.

Wait, so the army trains on how to fight with enormously destructive weapons, and how to interrogate and search people efficiently, but now that they're learning how to conduct warfare on some copper and fiber wires you're scared?

I honestly think we'll end up with an internet made of defended virtual areas (the same way that US territories are physically defended). They may not all be government areas either. Maybe the military and the national infrastructure reside within the governments defended areas. And Comcast defends it's area. Or you can pay and be part of Googles defended area.

My guess is the defended areas will only explicitly talk to each other. So if Google and comcast don't come to agreement about what they're wi

Just because it started, or you first heard it, ten years ago doesn't mean it isn't still accurate and hence funny.

Not that they haven't been trying to eliminate from the service those members that fit the stereotype. In fact their campaign against people that didn't look dashing in their rediculous uniforms was a major contributor to me not re-enlisting. Pretty much the only thing I really miss about the military was the prices of groceries at the Commisary.

Yes I am fat. I did not get forced out in anyway. I did receive an LoR at one point for not passing the PT test after my first three months on the fat kid program. I did keep an accurate food diary for those three months, and the three months until I did eventually pass. I was always under the my calorie budget by several hundred calories. I worked out aerobically for at least 45 minutes five times a week, three of those days I would also participate in regular group P

to be populated by mirror computers and inhabited by myriad software sim-people 'replicants,' and used as a firing range in which to develop the art of cyber warfare.")

Oh, yeah, I remember these guys. We invited the general to come and post on slashdot a few years back. They never did come up with a good answer to how they can recruit the necessary talent when the aforementioned is generally anti-authoritarian. Hacking, or "cyberwarfare", or whatever you want to call it, all requires a high degree of creativity combined with the ability to see patterns in seemingly random information. Both of these skillsets are a rarity in the general population -- most people are linear sequential thinkers, which means they can't start one task without stopping another. Everything about this theatre is contrary to conventional military discipline.

This is an organization that still believes that only men should be in their little club, gays are bad, and if you're over 30 you're too old. Maybe that works well when you're comparing gun sizes, but in this theatre the groups they're excluding have exactly the human resources such an operation needs: Women are generally able to multitask and see the "big picture" easier than men, gays stereotypically gravitate towards creative endeavors (theatre, graphic design, etc.), and the over 30 crowd has exactly the kind of in-depth understanding of the technology and experience necessary to use it that a bunch of twenty-somethings just can't match, no matter how good the training.

They're putting themselves at a huge handicap -- and they can't afford to do that. Especially when China has more honor students than we have students in whole. They can afford to be prejudiced. They can afford to throw a million people over a cliff to fund public works projects. Meanwhile, our antiquidated notions of what a soldier is puts us at a substantial risk of being obliterated in the global theatre.

My Dad (age 57) was hired by the NSA at age 52 (MS Comp Sci - Information Assurance). He's now a GS15 and did a year-long stint in the White House OSTP (inter-agency tour). He's heavily involved with defense/threat assessment and is getting ready to go to the "Dark Side" (offense).

He did a ton of drugs in college (35 years ago). He pirates software (now). Somehow he got hired and is moving up the ladder nicely.

I walked into the Navy recruiter about a year ago, and asked him what I could in the Navy with a degrees in computer sciences and statistics. I am also physically-fit and have a high GPA. The officer (not enlisted) basically told me "not a goddamn thing, try the Army". The Army guy was the typical pushy recruiter; he told me to enlist and try for OCS (I'd probably end up on a convoy in Afghanistan).

I disagree with what you said about gays and women in the military; recent statistics suggest that 33% percent

"They never did come up with a good answer to how they can recruit the necessary talent when the aforementioned is generally anti-authoritarian."

Not only that, but I've been in MD for a year now and every day I see job postings for "Linux Sys Admin with active full scope poly clearances" and I keep wondering where the hell they expect to find them. I mean it's one thing to find a good Linux sys admin but finding one with an active clearance? If you do find one you'd just be stealing them from some other a

For example, playing LARP, or liking the original Star Trek (TNG is apparently okay) is a mark against you for some security clearances.

Having done both those things, *and* having a high security clearance while doing them, *and* working with nuclear weapons - I can comfortably say, like everything else you've posted in this thread, you haven't a fucking clue what you are talking about.

Also in conversations I've had with interviewers (for myself and other people) have hobbies been discussed. They're much more worried about whether or not you drink too much or do "recreational" drugs.

I knew a woman once who had a high security clearance and was a stripper in college. I also knew a guy who knew a guy who had a high security clearance who frequented strip bars. Neither seemed to keep the government from issuing clearances. And these were issued before the 90-day deadline to clear

In my experience, people who handle nuclear weapons are told not to publicize that fact. They also don't swear on a public forum just to prove a point, they tend to be very cool and reserved. So, I'm thinking you should sue your face for slander.

Well, again, your 'experience' (read: stereotypes) are utterly and completely wrong. Which should come as no surprise.Heck, here's an public form [missileforums.com] organized for and by USAF missile types. Here's a public site [navynucweps.com] and organization for USN nuclear weaponeers.

They never did come up with a good answer to how they can recruit the necessary talent when the aforementioned is generally anti-authoritarian.

The same way they recruit very bright people for other specialized fields - they recruit the people who aren't anti-authoritarian, or who are anti-authoritarian but can submerge that enough to get along and do their jobs properly. (The Submarine Service and the various special forces are well stocked with the latter.) It may not appeal to stereotypical 'average Sla

Care to point me in the direction of any women who have managed to make General, in any branch of service? Last I checked, there were none. So women may be in the military, but they either lack the same potential as men -- or environmental factors are holding them back. Which one do you suppose it is?

Most people in IT aren't anti-authoritarian just to be an ass -- they are because they have a low tolerance for people who try to order them around that they have no respect for or feel are less capable of doing the job than they are. That's readily cured with training -- but that's an up-front cost that I don't think the military is willing to absorb because skimming off the top is cheaper. They haven't had to dig into the labor pool. Maybe they don't need to, I don't know -- but the whole point of basic is to change attitudes, which is all that is. It's an artificial barrier.

Well, your stereotype of basic training, like all your stereotypes is flat out wrong. The point of basic is to instill discipline and modify behavior. The military doesn't give a rat fuck about your attitude so long as it doesn't affect your discipline, behavior, or work. (And you also seem to be ignorant of the fact that the military does hire civilians in special cases, and even assigns them to operational and deployed units.)

I made a general statement that holds true for the general case.

Except, like each and every one of your other general statements and stereotypes, you are flat out wrong. I quoted one specific case, but that does not invalidate my other statement.

Care to point me in the direction of any women who have managed to make General, in any branch of service? Last I checked, there were none.

Why not just check Google? [lmgtfy.com] (I imagine you haven't bothered to check Google in a couple of decades because stereotypes are easy and you're lazy.)

And given the number of chiefs and senior offices I knew and know that are over thirty... Well, like the rest of your stereotypes, you're simply wrong.

I was referring to recruitment, and I am not wrong.

Well, other than your general laziness, why didn't you say recruiting? And even so, you're still wrong. The military has long waived the age requirements for narrow and specialized fields where civilian experience is desirable and not available among younger people. If they don't want to put them in uniform for some reason, they hire 'em as DoD civilians.

I would gather that you have not been in the military. In my experience, they're confident enough of their service and their statements about it to not resort to terms like "rat fuck". As well, if they honestly do have a problem with someone, it's solved quickly and quietly so they can go back to their drinks.

Well, like the rest of your stereotyping - you're dead wrong. (Again, no surprise.) I was in the USN Submarine service from 81-91. On top o

Care to point me in the direction of any women who have managed to make General, in any branch of service? Last I checked, there were none. So women may be in the military, but they either lack the same potential as men -- or environmental factors are holding them back. Which one do you suppose it is?

There are plenty of women generals. Maybe you should actually check and recognize the accomplishments of some great women rather then just saying women can't succeed in the military. Women fill officer ranks in higher proportion then women in military and they're prom

: Women are generally able to multitask and see the "big picture" easier than men, gays stereotypically gravitate towards creative endeavors (theatre, graphic design, etc.), and the over 30 crowd has exactly the kind of in-depth understanding of the technology and experience necessary to use it that a bunch of twenty-somethings just can't match, no matter how good the training.

Wow, that was not where I thought you were going with that.

And it doesn't seem very rational. All of the in/famous hackers I can think of are at least men, and most are Caucasian. DVD John, Kevin Mitnic, Stroustrup, Paul Lutus, Linus Torvalds, Woz, Stall Man, Wall, Knuth, Shimomura, Johnathan James, and Adrian Lamo... And I don't think any of them are homosexual.. Do you have any counter-examples that would alter this perception?

I think the only thing these people have in common is they aren't just empty suits like the government seems to love to employ, but they are all men.

And it doesn't seem very rational. All of the in/famous hackers I can think of are at least men, and most are Caucasian. DVD John, Kevin Mitnic, Stroustrup, Paul Lutus, Linus Torvalds, Woz, Stall Man, Wall, Knuth, Shimomura, Johnathan James, and Adrian Lamo... And I don't think any of them are homosexual.. Do you have any counter-examples that would alter this perception?

We aren't visible because this is a male-dominated field -- that doesn't mean the same potentialities don't exist in women, recurring generation after generation, only to perish because society can't find a way to support women in science an

He, and you, forgot Admiral Dr. Grace Murray Hopper, lead of the team that invented COBOL and erroneously attributed to finding an insect (bug) in a computer that cause a fault and popularizing the "bugs in the system" saying.

Yes, you said the list goes on, but Dr. Hopper deserves a specific mention.

which sounds like someone who starred in a '70s era pornographic movie

but the truth is that the world's first computer programmer was a woman. and if you look at her method for writing a computer program, it's really more like an extended effort at a clever hard hack. in which case, you're talking about the world's first hacker too

Women can join any US military branch but cannot (as in not allowed) perform Combat duties. You can join the US Army at 42 without a waiver.. so 30 is not too old. Gay men and women are tolerated because they are just as good as everyone else.. the problem comes in when a guy is sitting on the bench outside the shower room watching everyone go in and out (this happens!) and everyone freaks out and stereotypes all gay guys to be that way.

In that case, my only argument about the age of USAF enlistment can be: They must think that ~50 is the typical retirement age and back-dated from there. I would hope someone over 27 could still get in with a waiver.. but that would be a fight.

I do agree with you that military service doesn't blend well with free-thinking folks. I can't see why a non-conformist would join such a rules/regulations based organization. But i'd like to put forth that Clear goals and purpose are attractive to many people incl

And on a more serious note, since we are talking about the military-congressional-corporate-complex here:

From an interview with Auriea Harvey and Michael Samyn, creators of The Endless Forest:

"We think our contemporary world is a horrible place. Our cultures are being swallowed by the economic machine, politics have degraded into cheap television propaganda, and violence is condoned, if not encouraged, as the way of choice for dealing with any conflict. All of this is against a backdrop of ever-increasi

Few women, no gays, age limit. Then, too, there's the religious intolerance that has been reported at the Air Force Academy. (Google it, there are a lot of articles, most when it was first reported in 2005, but also since then.) I wonder what percentage of people with the talents needed to be "cyberwarriors" are evangelical Christians?

That's an excellent point. In a virtual world, the only qualities that matter, are, as you said girlintraining, the necessary talent along with a creative mind. I am assuming, correct me if I am wrong, that you would need Top Secret clearance to work on a project as sensitive as this. This would present a problem, especially if you are trying to recruit talent, aptly described above as anti-authoritarian.
The government's plan to create a cyber-warfare division is a good one that has been a long time comin

What a gas!! Loved all those green thingy lines -- really gucci, doods and doodettes!

Geez, and those guys -- those were the same buckaroos at the 1999 Silicon Valley conference where they made that fantasy proclamation about something called "The New Economy" (where they hell did they hide that thing, anyway????). That's where no money had to be spent on any hardware or install testing, all the software was downloaded from the 'net (I believe that's what they called those interpipe thingies).

We invited the general to come and post on slashdot a few years back. They never did come up with a good answer to how they can recruit the necessary talent when the aforementioned is generally anti-authoritarian.

The answer is first, contractors. They can be quickly hired to do the job and get to keep their over-weight, gay, female, anarchist, old, whatever family life.

In the long term however the military will train young recruits in cyber warfare. You seem to believe you can't train someone to conduct cyber warfare. That sounds like saying you can't train someone to run strait into oncoming gunfire rather than circumventing the enemy. The people creating the ciriculum or doing the training may be over-weight

Tenth Fleet will be reactivated in October 2009 as the U.S. Navy's Fleet Cyber Command/10th Fleet.[2] The command will be the Naval component of United States Cyber Command. Its first commander will be VADM Bernard J. McCullough III. [3]

Most people in the military are severely lacking in kind of skills needed to protect America's electronic infrastructure. It has to do with military culture more than anything else. Techies just don't get promoted the way fighter pilots do. I would shut the whole thing down and start a new branch or something. Otherwise, it's a giant waste of money.

Most people in the military will not be serving in this command. Only the qualified will.
A few years ago we could have said that most people in the military are severely lacking in the kind of skills needed to operate UAVs, and yet that particular foray into technology seems to be going okay.
Fighter pilots are going away...techies are up and coming. Even the military adapts.

There are plenty of people in the military with the competency to do the task at hand. Bringing the talent in is NOT the issue. Its KEEPING THEM.
A person that enlists in the Air Force for 4-6 years into a computer systems job has the oppurtunity to gain valuable skills.

On the outside, 4-6 years of experience with those skills can get you double the salary the military can provide. Paycheck rules.

In cyberspace, traditional "army" concepts have no meaning, specially the partt when we talk about huge number of active/willing participants. The only thing that could have army-like numbers are zombie PCs, something that "should" not be used (your country hacking your pc to attack what they consider enemies? and leaving the door open so potentially youir enemy could use your pc too?. They should behave as firefighters (taking measures/educating to limit a lot the odds that someone gets zombified) or terro

Last time I checked the military was part of the government. At least that's the case in the U.S. I suppose it could be different where you live.

That aside, I think you're overreacting somewhat. Most in the military see the network as another domain in which to operate (much like the air or sea). The purpose of gaining air or sea supremacy is to ensure that you can effectively use that domain while denying your adversary the use of it. The big diff

The government is a lot of things, not just military. You have there public education, public safety, health and economy sectors, and a lot of other areas that could be related and take part of this. But network safety and good practices (as in every participant on it) should be a civil matter, not militar one.

Putting the base of all of this in military level is like declaring war on a foreing country because there is a disease there, instead

But what better part of the government to protect military networks than the military? What better part of the government to conduct offensive actions against hostile actors than the military? None of the other functions you site really make sense in the current make up of the U.S. Federal Government.

That aside, I think you're overreacting somewhat. Most in the military see the network as another domain in which to operate (much like the air or sea). The purpose of gaining air or sea supremacy is to ensure that you can effectively use that domain while denying your adversary the use of it. The big difference though is that while it's not really normal to have to contest regions of air or space, the normal state of affairs is that the "cyber" domain is very much being contested on a daily basis. These organizations are intended to provide the expertise and equipment / software needed to effectively operate in this contested domain.

The problem is that information systems are not physical environments. In the physical realm, we have to deal with the laws of physics. The only thing we can do about that is gain a better understanding of them (providing technology and capabilities that weren't possible previously). But in the end, we don't get to re-write the laws of physics. You can make it hard to physically occupy a given space but ultimately there's nothing that makes it impossible to occupy a given space. With information system

> The problem is that information systems are not physical environments.

I never meant to imply that they were. It's an admittedly artificial domain we use to provide shared awarenss and force synchronization. It's a domain our adversaries use for the same purpose. If they impact our ability to use it, it impacts our operational effectiveness just as much as not having air supremacy affects ground forces or having sea supremacy impacts our ability to allow the sea lines of communication [wikipedia.org] to remain open.

I never meant to imply that they were. It's an admittedly artificial domain we use to provide shared awarenss and force synchronization. It's a domain our adversaries use for the same purpose. If they impact our ability to use it, it impacts our operational effectiveness just as much as not having air supremacy affects ground forces or having sea supremacy impacts our ability to allow the sea lines of communication [wikipedia.org] to remain open.

You may not mean to imply that they are, but all your examples certainly do. The whole Cyber Warfare [wikipedia.org] language revolves around the concept that networks are akin to physical domains. I find that absurd. And it's especially frustrating to see, time and again, physical security concepts being applied to a non-physical domain while real issues go misunderstood / unidentified.

I agree that my characterization of information warfare as espionage is somewhat narrow. But I believe it better characterizes the env

There is a threat to our knowledge, our words, our very sense of self. It permeates the ether, watching, waiting for us to lower our guard. Although we sit on the brink of moral decay, staring back from the abyss towards an enemy unseen, we shall not falter in our duty. We must stand firm against these intruders. Our very credit scores are at stake. And I tell you this: wherever they are, they will be met with strength. We shall fight them on the wireless. We shall fight them at the backbone. We sha

Instead of spending yet another astronomical amount of resources to try to patch up our "defenses", why not fund a few open source projects to get a some implementations of the Capability Security Model [c2.com] out into circulation?

A few well placed millions (or heck, even thousands) could fix the internet for good, and then we could all get on with general purpose computing, without the need for virus scanners, etc.

I don't understand why they don't properly organize a cyber-militia. Russia and China sure seem to have their own going.

We could pounce them 5 to 1 with all the private computer networks and crackers around the World that might contribute. They just need a proper command and control system, otherwise I could totally see more than a few friendly fire incidents ( "sorry about that L.A., I thought I was pulling the plug on the power grid in Bejing").

If economic strength, drives political strength and international standing (hopefully no one has any illusions that it doesn't do both). And USA's economic strength is currently predicated on intellectual property (which can then manufactured somewhere else) then how do we (as a nation...or any nation) protect ourselves from the array of network attacks that are launched against us?
I think some sort of national firewall or cooperative agreement is a good idea to help protect against those countries that

If economic strength, drives political strength and international standing (hopefully no one has any illusions that it doesn't do both). And USA's economic strength is currently predicated on intellectual property (which can then manufactured somewhere else) then how do we (as a nation...or any nation) protect ourselves from the array of network attacks that are launched against us? I think some sort of national firewall or cooperative agreement is a good idea to help protect against those countries that st